- 30 Oct 2024
- 1 Minute to read
- DarkLight
- PDF
Safe Devices Only
- Updated on 30 Oct 2024
- 1 Minute to read
- DarkLight
- PDF
Just because a device is sanctioned doesn't mean it is safe.
Every organization strives to protect their organization's crown jewels – its data – from outside threat and exfiltration. Computer and mobile endpoints are the conduits to access and make use of this data to get work done and drive business forward. Therefore, ensuring that only safe endpoints are able to access and store copies of company data is of paramount importance.
However the proliferation of laptops, mobile devices, cloud computing, and hybrid-work have completely overwhelmed most IT, InfoSec, legal, and compliance teams, leaving significant gaps in securely managing access to and storage of these data.
Jamf provides various security tools to help protect endpoints from threats and ascertain risk. When deployed as part of Trusted Access, these tools work in conjunction with Jamf Pro and Jamf Connect to influence the storage and accessibility of data based upon the determined risk level of any given device.
There are two types of protections that Jamf security products provide:
Endpoint - Protection from threats to the device itself, such as installed malware, out-of-date operating systems, or invalid compliance configurations.
Network - Protection from threats that utilize network connectivity to infect a device, phish a user, or exfiltrate data.
Identifying Safe Devices
Every organization is trying to play catch-up to all the various means of being attacked. Keeping organizational data safe on devices is certainly a cat and mouse game, needing to be consistently addressed and reviewed. The best understanding that a device is safe to store or transmit corporate or sensitive data can be viewed in the following ways:
- Compliant - First is to verify the device is managed with all the proper compliance settings enforced. Example would be to use Jamf Compliance Editor to build your compliance benchmark.
- Secured - After the device is compliant, an organization must verify that proper security applications & tools have been installed and activated.
- Monitored - Now that the device is compliant and secured, ongoing device and network threat reviews need to be identifying consistent risk to the organization.